US20170277617A1 - Source code analysis device, computer program for same, and recording medium thereof - Google Patents
Source code analysis device, computer program for same, and recording medium thereof Download PDFInfo
- Publication number
- US20170277617A1 US20170277617A1 US15/505,669 US201515505669A US2017277617A1 US 20170277617 A1 US20170277617 A1 US 20170277617A1 US 201515505669 A US201515505669 A US 201515505669A US 2017277617 A1 US2017277617 A1 US 2017277617A1
- Authority
- US
- United States
- Prior art keywords
- information
- analysis
- source code
- defect
- function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/33—Intelligent editors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/42—Syntactic analysis
Definitions
- the present invention relates to a source code analysis device, a computer program for the same, and a recording medium thereof that are configured to suggest a defect correction example when a defect is detected in an analysis target source code according to a predefined analysis rule.
- Static code analysis is one of various methods for analyzing computer software. This method performs code analysis on source code of software under development without directly executing the software
- Static analysis tools are programs developed to automatically perform static program analysis using software rather than by humans. In general, the size of source code is very large, and it is almost impossible to manually perform static program. Therefore, it is the role of the static analysis tool to automate and perform these analyses. Static analysis tools may detect various kinds of defects or vulnerabilities in the source code according to the type, and inform a user of the detected defects by analyzing the source code.
- source code analysis apparatuses that are conventionally provided and used provide only a defect detection function and generate a detection message thereof. There is a limit that a correction of the detected defect depends on personal knowledge and experience of a user (programmer).
- an object of the present invention is to provide a source code analysis device, a computer program for the same, and a recording medium thereof that are configured to suggest a defect correction example when a defect is detected in an analysis target source code according to a predefined analysis rule.
- a source code analysis device including: a source code analysis module including: a syntax analysis unit for extracting information required for analysis from a source code and refining the extracted information; a defect detection unit for detecting defect information that may cause a problem in the source code based on the information that is required for analysis and refined by the syntax analysis unit; a correction example generation unit for generating correction example information or notice information or both based on the defect information detected by the defect detection unit and the information that is required for analysis and refined by the syntax analysis unit; and an analysis result transmission unit for constructing synthesized analysis result information including the generated defect information, and the correction example information or the notice information or both and transmitting the constructed synthesized analysis result information to an analysis result output module, and the analysis result output module including: a defect output unit for extracting the defect information from the synthesized analysis result information received from the source code analysis module and outputting the extracted defect information; and a correction example output unit for extracting the correction example information or the notice information or
- the correction example generation unit may be configured to generate one or more pieces of correction example information or one or more pieces of notice information for single defect information.
- the detection of the defect information by the defect detection unit may be performed by a functional execution of each checker that is provided so as to check each defect, and each checker may transmit the synthesized analysis result information that includes the correction example information or the notice information or both to be generated for the defect information detected while detecting the defect information to the correction example generation unit.
- the correction example information may include at least one of “adding” another code line for a source code line in which the defect information is detected, “replacing” a source code line in which the defect information is detected with another source code line, and “deleting” a source code line in which the defect information is detected.
- the correction example information may include a correction example code, the correction example code being generated by inputting a deduced result that is obtained by analyzing the source code according to a predetermined template by the checker that has detected the defect information.
- a computer program stored in a medium and configured to perform: a source code analysis function and an analysis result output function in a source code analysis device, wherein the source code analysis function includes: a syntax analysis function for extracting information required for analysis from a source code and refining the extracted information; a defect detection function for detecting defect information that may cause a problem in the source code based on the information that is required for analysis and refined by the syntax analysis function; a correction example generation function for generating correction example information or notice information or both based on the defect information detected by the defect detection function and the information that is required for analysis and refined by the syntax analysis function; and an analysis result transmission function for constructing synthesized analysis result information including the generated defect information, and the correction example information or the notice information or both and transmitting the constructed synthesized analysis result information to an analysis result output function, and the analysis result output function includes: a defect output function for extracting the defect information from the synthesized analysis result information received from the source code analysis function and outputting the extracted defect information;
- a computer readable recording medium whereby a computer program configured to perform a source code analysis function and an analysis result output function by a source code analysis device is recorded, wherein the source code analysis function includes: a syntax analysis function for extracting information required for analysis from a source code and refining the extracted information; a defect detection function for detecting defect information that may cause a problem in the source code based on the information that is required for analysis and refined by the syntax analysis function; a correction example generation function for generating correction example information or notice information or both based on the defect information detected by the defect detection function and the information that is required for analysis and refined by the syntax analysis function; and
- an analysis result transmission function for constructing synthesized analysis result information including the generated defect information, and the correction example information or the notice information or both, and transmitting the constructed synthesized analysis result information to an analysis result output function
- the analysis result output function includes: a defect output function for extracting the defect information from the synthesized analysis result information received from the source code analysis function and outputting the extracted defect information; and a correction example output function for extracting the correction example information or the notice information or both from the synthesized analysis result information received from the source code analysis function and outputting the extracted.
- the present invention is configured to suggest a defect correction example when a defect is detected in an analysis target source code according to a predefined analysis rule, thus the defect may be corrected in a more objective and improved way and without depending on the personnel knowledge and experience of a user (programmer).
- FIG. 1 is a configuration diagram of a source code analysis device according to an embodiment of the present invention.
- FIG. 2 is an example configuration of analysis result information of the source code analysis device according to the embodiment of the present invention.
- FIG. 3 is a source code screen example in which a defect is detected by a checker of a defect detection unit of the source code analysis device according to the embodiment of the present invention.
- FIG. 4 is an output screen example of synthesized analysis result after clicking a correction example button of the source code analysis device according to the embodiment of the present invention.
- FIG. 5 is an example menu display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention.
- FIG. 6 is a defect information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention.
- FIG. 7 is a correction example information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention.
- FIG. 8 is a notice information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention.
- FIG. 9 is an XML output class example of a checker implementation class for the source code analysis device according to the embodiment of the present invention.
- FIG. 10 is a code generation class example of the checker implementation class for the source code analysis device according to the embodiment of the present invention.
- FIG. 1 is a configuration diagram of a source code analysis device according to an embodiment of the present invention
- FIG. 2 is an example configuration of analysis result information of the source code analysis device according to the embodiment of the present invention.
- the source code analysis device A may include a source code input module 100 , a source code analysis module 200 , an analysis result output module 300 , and a control module 400 .
- a computer program for implementing the source code analysis device may be implemented to be operated in conventional computer hardware.
- the source code input module 100 may receive an analysis target source code in a code file format so that the source code analysis module 200 that will be described later may perform an analysis process.
- the code file may be input by inputting a file or by opening the file through a user.
- the source code analysis module 200 generates synthesized analysis result information 240 A including defect information 220 A, correction example information 230 A and various types of notice information 230 B that may be generated while correcting the defect from the source code received for analysis.
- the analysis result output module 300 displays the defect information 220 A, the correction example information 230 A and the notice information 230 B to a user based on the synthesized analysis result information 240 A received from the source code analysis module 200 .
- the source code analysis module 200 and the analysis result output module 300 may be implemented in a single integrated module.
- the source code analysis module 200 includes a syntax analysis unit 210 , a defect detection unit 220 , a correction example generation unit 230 , and an analysis result transmission unit 240 .
- the syntax analysis unit 210 extracts various types of information required for analysis from the received source code and refines the extracted information.
- the information required for analysis may be, for example, an abstract syntax tree, or a number of lines, positional information of the source code, etc.
- the defect detection unit 220 detects the defect information 220 A that may cause a problem in the source code based on the information that is required for analysis and refined by the syntax analysis unit 210 .
- the defect detection unit 220 may detect the defect information 220 A by executing, for example, a function of a checker that checks whether or not the source code includes a defect.
- the defect information 220 A may be configured with a file name of the source code in which a defect is actually detected, a defect type and positional information such as a line, a part of the source code that actually has caused the defect, actual defect information such as a flow of the source code where the defect has occurred, etc.
- the syntax analysis function of the syntax analysis unit 210 and the defect detection function of the defect detection unit 220 may be implemented through the same configuration or similar configuration that implements functions of a syntactic analysis and of a defect information detection by using various well-known static analysis tools.
- the static analysis tool is well known through various commercial product with analysis methods that are based on a syntactic base or on a semantic base, thus the detailed description thereof is omitted.
- the defect detection unit 220 may detect the defect information 220 A by executing functions of respective checkers configured to respectively check a defect.
- the respective checkers are configured to transmit the synthesized analysis result information 240 A including the correction example information 230 A and the notice information 230 B generated for the defect information 220 A detected while detecting the defect information 220 A to the correction example generation unit 230 .
- the synthesized analysis result information 240 A may be configured, for example, with a correction example XML file format, but it is not limited thereto.
- correction example information 230 A and notice information 230 B may be transmitted to the correction example generation unit 230 according to a structure of the analyzed source code.
- the checker may not provide the correction example information 230 A and the notice information 230 B according to a characteristic of the defect, or may provide only the correction example information 230 A, or the notice information 230 B.
- multiple pieces of correction example information 230 A and notice information 230 B may be generated for single defect information 220 A as multiple alternatives, and this will be separately described later.
- the correction example information 230 A and the notice information 230 B are provided together.
- the correction example generation unit 230 generates the correction example information 230 A and the notice information 230 B based on the defect information 220 A detected by the defect detection unit 220 and the information required for analysis and refined by the syntax analysis unit 210 .
- the correction example information 230 A refers to a correction example code that indicates how to actually correct the source code within the defect information 220 A in which the defect is generated. For example, the defect does not occur when the source code is corrected based on the given correction example information 230 A.
- the correction example information 230 A may include at least one of “adding” another code line for a source code line in which the defect information 220 A is detected, “replacing” a source code line in which the defect information 220 A is detected with another source code line, and “deleting” a source code line in which the defect information 220 A is detected.
- the notice information 230 B refers to various pieces of notice information that may be generated while the user corrects the source code.
- the notice information 230 B may be useful information while the user corrects the source code, additional problems that may be generated by correcting the source code according to the given correction example information 230 A, or a modification that the user has to directly correct since the modification cannot be automatically generated by the source code analysis device A.
- the analysis result transmission unit 240 constitutes the synthesized analysis result information 240 A with the defect information 220 A, the correction example information 230 A, and the notice information 230 B that are generated above and transmits the constituted synthesized analysis result information to the analysis result output module 300 .
- the synthesized analysis result information 240 A may be data within a file or a memory, or may include other information.
- the correction example information 230 A and the notice information 230 B may not be provided or may be provided in multiple pieces for single defect information 220 A according to a defect type.
- the analysis result output module 300 includes a defect output unit 310 and a correction example output unit 320 .
- the defect output unit 310 extracts the defect information 220 A from the synthesized analysis result information 240 A transmitted from the source code analysis module 200 and displays the extracted defect information 220 A.
- the defect information 220 A may be a file name of the source code in which the defect is actually detected, a defect type and positional information such as a line, a part of the source code that actually has caused the defect, actual defect information such as a flow of the source code where the defect has occurred, etc.
- the correction example output unit 320 extracts the correction example information 230 A and the notice information 230 B from the synthesized analysis result information 240 A transmitted from the source code analysis module 200 , and displays the extracted correction example information 230 A and the notice information 230 B.
- the information may be, as described above, a correction example code that shows how to actually correct the source code, and various pieces of notice information that may be generated while the user corrects the source code.
- the defect output unit 310 and the correction example output unit 320 may output information at the same time or may output additional information.
- FIG. 3 is a source code screen example in which a defect is detected by a checker of a defect detection unit of the source code analysis device according to the embodiment of the present invention.
- a correction example button is displayed on a right-upper part of the screen.
- FIG. 4 is an output screen example of synthesized analysis result after clicking a correction example button of the source code analysis device according to the embodiment of the present invention.
- Defect information, correction example information, and notice information are respectively displayed on the screen.
- One or more pieces of correction example information or one or more pieces of notice information may be provided for single defect information.
- FIG. 5 is an example menu display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention.
- a number of the example menus may be varied according to a checker type and the source code.
- Each of the example menus may be folded or extended by clicking a triangle mark disposed at a left-most part of the example menu.
- a defect information menu indicates how to correct the defect detected by the checker.
- FIG. 7 is a correction example information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention.
- the correction example menu shows which part of the source code and how to correct the source code.
- the example code is provided as similar as possible to an actual code.
- a Line that is gradated in red on the screen and begins with ‘ ⁇ ’ corresponds to a code to be deleted.
- a Line that is gradated in green on the screen and begins with ‘+’ corresponds to a code to be added.
- FIG. 8 is a notice information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention.
- the notice information shows various situations and cautions that may arise when the source code is corrected. Therefore, a number of pieces of the notice information and contents thereof may vary according to a checker type and the source code.
- the below source code is an example of a correction example XML file of the source code analysis device according to the embodiment of the present invention.
- Table 1 shows an example of a main tag or variable definitions of the correction example XML file of the below source code.
- An example of the correction example XML file of the present embodiment may be understood by the below source code and Table 1.
- FIG. 9 briefly shows class examples from the top class.
- the top ‘AlarmXMLMaker’ class outputs an alarm with a Sca instance when the Sca instance is present.
- a middle ‘Sca’ class is responsible for generating a ScaAlternative instance, and the present class is used in the checker when generating the alternative.
- the lowest ‘ScaAlternative’ class includes an explanation, a code, and notice information.
- Information about adding/replacing/deleting of a code may be obtained by receiving code information generated by ‘CodeGenerator’ class or received from an original source code.
- Table 2 shows a configuration example of the checker for the source code analysis device according to the embodiment of the present invention
- Table 3 shows another configuration example of the checker for the source code analysis device according to the embodiment of the present invention
- Table 4 shows another configuration example of the checker for the source code analysis device according to the embodiment of the present invention.
- a checker checks a function call that has no effect. For example, when a third argument (parameter) value in memset is 0, the corresponding code becomes meaningless.
- Alternative 1 displays a buffer size of a buffer to be initialized if it is possible to deduce. If not, Alternative 1 displays the buffer size by using a designated identifier such as ⁇ length>>, etc.
- Alternative 2 is an alternative that is conditionally generated. When a second argument of memset is not a single constant, there is a possibility that second and third argument values may be used by being switched with each other. Therefore, Alternative 2 suggests switching the second and third argument values with each other.
- the checker of the example 3 does not include any particular notice.
- the alternative of the respective checkers shown in Tables 2 to 4 may be provided by ‘Sca’ class and ‘ScaAlternative’ class (alternative information class) shown in the above FIG. 9 .
- the alternative code of the respective checkers shown in Tables 2 to 4 may be provided by ‘CodeGenerator’ class (code generation class) shown in the above FIG. 10 .
- ‘Sca’ class, ‘ScaAlternative’ class (alternative information class), and ‘CodeGenerator’ class (code generation class) may be preset in accordance with content of the defect of each checker.
- Embodiments of the present invention include a program for performing various computer-implemented operations and a computer-readable storage medium on which the program is recorded.
- the computer-readable storage medium may include stand-alone or a combination of program instructions, data files and data structures.
- the computer-readable storage medium may be specially designed and configured for the present invention, or may also be known and available to those skilled in the computer software field.
- Examples of the computer-readable storage medium include a magnetic medium, such as a hard disk, a floppy disk, and a magnetic tape; an optical medium, such as a CD-ROM, a DVD, a USB; a magneto-optical medium such as a floptical disk; and a hardware device configured to store and perform program instructions such as a ROM, a RAM, a flash memory, etc.
- the medium may be a transmission medium such as an optical or metallic line or a waveguide, including a carrier for transmitting signals to indicate program instructions, a data structure, etc.
- Examples of the program instructions include not only machine language codes made by a compiler but also high-level language codes executable by a device for electronically processing information, such as computer, by using an interpreter.
- the source code analysis function is provided by the source code analysis module that is described above, and the analysis result output function is provided by the analysis result output module that is described above.
- the source code analysis function further performs the detailed functions of the source code analysis module, and the analysis result output function further performs the detailed functions of the analysis result output module, thus the whole function of the source code analysis device may be provided.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Debugging And Monitoring (AREA)
- Stored Programmes (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Description
- The present invention relates to a source code analysis device, a computer program for the same, and a recording medium thereof that are configured to suggest a defect correction example when a defect is detected in an analysis target source code according to a predefined analysis rule.
- Static code analysis is one of various methods for analyzing computer software. This method performs code analysis on source code of software under development without directly executing the software
- Static analysis tools are programs developed to automatically perform static program analysis using software rather than by humans. In general, the size of source code is very large, and it is almost impossible to manually perform static program. Therefore, it is the role of the static analysis tool to automate and perform these analyses. Static analysis tools may detect various kinds of defects or vulnerabilities in the source code according to the type, and inform a user of the detected defects by analyzing the source code.
- Conventionally, source code analysis apparatuses using static analysis tools described above have been variously provided.
- However, source code analysis apparatuses that are conventionally provided and used provide only a defect detection function and generate a detection message thereof. There is a limit that a correction of the detected defect depends on personal knowledge and experience of a user (programmer).
- Accordingly, the present invention has been made keeping in mind the above problems occurring in the prior art, and an object of the present invention is to provide a source code analysis device, a computer program for the same, and a recording medium thereof that are configured to suggest a defect correction example when a defect is detected in an analysis target source code according to a predefined analysis rule.
- In order to accomplish the above object, according to one aspect of the present invention, there is provided a source code analysis device including: a source code analysis module including: a syntax analysis unit for extracting information required for analysis from a source code and refining the extracted information; a defect detection unit for detecting defect information that may cause a problem in the source code based on the information that is required for analysis and refined by the syntax analysis unit; a correction example generation unit for generating correction example information or notice information or both based on the defect information detected by the defect detection unit and the information that is required for analysis and refined by the syntax analysis unit; and an analysis result transmission unit for constructing synthesized analysis result information including the generated defect information, and the correction example information or the notice information or both and transmitting the constructed synthesized analysis result information to an analysis result output module, and the analysis result output module including: a defect output unit for extracting the defect information from the synthesized analysis result information received from the source code analysis module and outputting the extracted defect information; and a correction example output unit for extracting the correction example information or the notice information or both from the synthesized analysis result information received from the source code analysis module and outputting the extracted information.
- The correction example generation unit may be configured to generate one or more pieces of correction example information or one or more pieces of notice information for single defect information.
- The detection of the defect information by the defect detection unit may be performed by a functional execution of each checker that is provided so as to check each defect, and each checker may transmit the synthesized analysis result information that includes the correction example information or the notice information or both to be generated for the defect information detected while detecting the defect information to the correction example generation unit.
- The correction example information may include at least one of “adding” another code line for a source code line in which the defect information is detected, “replacing” a source code line in which the defect information is detected with another source code line, and “deleting” a source code line in which the defect information is detected.
- The correction example information may include a correction example code, the correction example code being generated by inputting a deduced result that is obtained by analyzing the source code according to a predetermined template by the checker that has detected the defect information.
- According to another aspect of the present invention, there is provided a computer program stored in a medium and configured to perform: a source code analysis function and an analysis result output function in a source code analysis device, wherein the source code analysis function includes: a syntax analysis function for extracting information required for analysis from a source code and refining the extracted information; a defect detection function for detecting defect information that may cause a problem in the source code based on the information that is required for analysis and refined by the syntax analysis function; a correction example generation function for generating correction example information or notice information or both based on the defect information detected by the defect detection function and the information that is required for analysis and refined by the syntax analysis function; and an analysis result transmission function for constructing synthesized analysis result information including the generated defect information, and the correction example information or the notice information or both and transmitting the constructed synthesized analysis result information to an analysis result output function, and the analysis result output function includes: a defect output function for extracting the defect information from the synthesized analysis result information received from the source code analysis function and outputting the extracted defect information; and a correction example output function for extracting the correction example information or the notice information or both from the synthesized analysis result information received from the source code analysis function and outputting the extracted information.
- According to another aspect of the present invention, there is provided a computer readable recording medium, whereby a computer program configured to perform a source code analysis function and an analysis result output function by a source code analysis device is recorded, wherein the source code analysis function includes: a syntax analysis function for extracting information required for analysis from a source code and refining the extracted information; a defect detection function for detecting defect information that may cause a problem in the source code based on the information that is required for analysis and refined by the syntax analysis function; a correction example generation function for generating correction example information or notice information or both based on the defect information detected by the defect detection function and the information that is required for analysis and refined by the syntax analysis function; and
- an analysis result transmission function for constructing synthesized analysis result information including the generated defect information, and the correction example information or the notice information or both, and transmitting the constructed synthesized analysis result information to an analysis result output function, and the analysis result output function includes: a defect output function for extracting the defect information from the synthesized analysis result information received from the source code analysis function and outputting the extracted defect information; and a correction example output function for extracting the correction example information or the notice information or both from the synthesized analysis result information received from the source code analysis function and outputting the extracted.
- As described above, the present invention is configured to suggest a defect correction example when a defect is detected in an analysis target source code according to a predefined analysis rule, thus the defect may be corrected in a more objective and improved way and without depending on the personnel knowledge and experience of a user (programmer).
-
FIG. 1 is a configuration diagram of a source code analysis device according to an embodiment of the present invention. -
FIG. 2 is an example configuration of analysis result information of the source code analysis device according to the embodiment of the present invention. -
FIG. 3 is a source code screen example in which a defect is detected by a checker of a defect detection unit of the source code analysis device according to the embodiment of the present invention. -
FIG. 4 is an output screen example of synthesized analysis result after clicking a correction example button of the source code analysis device according to the embodiment of the present invention. -
FIG. 5 is an example menu display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention. -
FIG. 6 is a defect information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention. -
FIG. 7 is a correction example information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention. -
FIG. 8 is a notice information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention. -
FIG. 9 is an XML output class example of a checker implementation class for the source code analysis device according to the embodiment of the present invention. -
FIG. 10 is a code generation class example of the checker implementation class for the source code analysis device according to the embodiment of the present invention. - Before the present invention is described in detail, it should be noted that the present invention may be embodied in many different forms without departing from the spirit and significant characteristics of the present invention. Therefore, the embodiments of the present invention are disclosed only for illustrative purposes and should not be construed as limiting the present invention.
- It will be understood that, although the terms “first,” “second,” etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another element. For instance, a first element discussed below could be termed a second element without departing from the teachings of the present invention. Similarly, the second element could also be termed the first element. The term “and/or” includes any and all combinations of one or more of the associated listed items.
- It should be understood that when one element is referred to as being “connected to” or “coupled to” another element, it may be connected directly to or coupled directly to another element or be connected to or coupled to another element, having the other element intervening therebetween. On the other hand, it is to be understood that when one element is referred to as being “connected directly to” or “coupled directly to” another element, it may be connected to or coupled to another element without the other element intervening therebetween.
- Terms used herein are used only in order to describe specific embodiments rather than limiting the present invention. As used herein, the singular forms are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms “comprises” or “have” used in this specification, specify the presence of stated features, processes, operations, components, parts, or a combination thereof, but do not preclude the presence or addition of one or more other features, numerals, processes, operations, components, parts, or a combination thereof.
- Unless otherwise defined, all terms including technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the present invention belongs. It should be understood that the terms defined by the dictionary are identical with the meanings within the context of the related art, and they should not be ideally or excessively formally defined unless the context clearly dictates otherwise in this specification.
- Hereinafter, exemplary embodiments of the invention will be described in detail with reference to the accompanying drawings. The same or corresponding elements will be consistently denoted by the same respective reference numerals and described in detail no more than once regardless of drawing symbols. When the functions of conventional elements and the detailed description of elements related with the present invention may make the gist of the present invention unclear, a detailed description of those elements will be omitted.
-
FIG. 1 is a configuration diagram of a source code analysis device according to an embodiment of the present invention andFIG. 2 is an example configuration of analysis result information of the source code analysis device according to the embodiment of the present invention. - The source code analysis device A according to the embodiment of the present invention may include a source
code input module 100, a sourcecode analysis module 200, an analysisresult output module 300, and acontrol module 400. In one embodiment, a computer program for implementing the source code analysis device may be implemented to be operated in conventional computer hardware. - The source
code input module 100, for example, may receive an analysis target source code in a code file format so that the sourcecode analysis module 200 that will be described later may perform an analysis process. For example, the code file may be input by inputting a file or by opening the file through a user. - The source
code analysis module 200 generates synthesized analysis resultinformation 240A includingdefect information 220A,correction example information 230A and various types ofnotice information 230B that may be generated while correcting the defect from the source code received for analysis. - The analysis
result output module 300 displays thedefect information 220A, thecorrection example information 230A and thenotice information 230B to a user based on the synthesizedanalysis result information 240A received from the sourcecode analysis module 200. According to an embodiment, the sourcecode analysis module 200 and the analysisresult output module 300 may be implemented in a single integrated module. - In the preferred embodiment, the source
code analysis module 200 includes asyntax analysis unit 210, adefect detection unit 220, a correctionexample generation unit 230, and an analysisresult transmission unit 240. - The
syntax analysis unit 210 extracts various types of information required for analysis from the received source code and refines the extracted information. The information required for analysis may be, for example, an abstract syntax tree, or a number of lines, positional information of the source code, etc. - The
defect detection unit 220 detects thedefect information 220A that may cause a problem in the source code based on the information that is required for analysis and refined by thesyntax analysis unit 210. Thedefect detection unit 220 may detect thedefect information 220A by executing, for example, a function of a checker that checks whether or not the source code includes a defect. Thedefect information 220A, for example, may be configured with a file name of the source code in which a defect is actually detected, a defect type and positional information such as a line, a part of the source code that actually has caused the defect, actual defect information such as a flow of the source code where the defect has occurred, etc. - The syntax analysis function of the
syntax analysis unit 210 and the defect detection function of thedefect detection unit 220 may be implemented through the same configuration or similar configuration that implements functions of a syntactic analysis and of a defect information detection by using various well-known static analysis tools. The static analysis tool is well known through various commercial product with analysis methods that are based on a syntactic base or on a semantic base, thus the detailed description thereof is omitted. - The
defect detection unit 220 may detect thedefect information 220A by executing functions of respective checkers configured to respectively check a defect. The respective checkers are configured to transmit the synthesized analysis resultinformation 240A including thecorrection example information 230A and thenotice information 230B generated for thedefect information 220A detected while detecting thedefect information 220A to the correctionexample generation unit 230. The synthesized analysis resultinformation 240A may be configured, for example, with a correction example XML file format, but it is not limited thereto. - Meanwhile, although a single checker is used, different
correction example information 230A and noticeinformation 230B may be transmitted to the correctionexample generation unit 230 according to a structure of the analyzed source code. In addition, when there is no need to provide thecorrection example information 230A and thenotice information 230B, the checker may not provide thecorrection example information 230A and thenotice information 230B according to a characteristic of the defect, or may provide only thecorrection example information 230A, or thenotice information 230B. In addition, multiple pieces ofcorrection example information 230A and noticeinformation 230B may be generated forsingle defect information 220A as multiple alternatives, and this will be separately described later. In the description of the present embodiment, thecorrection example information 230A and thenotice information 230B are provided together. - The correction
example generation unit 230 generates thecorrection example information 230A and thenotice information 230B based on thedefect information 220A detected by thedefect detection unit 220 and the information required for analysis and refined by thesyntax analysis unit 210. - The
correction example information 230A refers to a correction example code that indicates how to actually correct the source code within thedefect information 220A in which the defect is generated. For example, the defect does not occur when the source code is corrected based on the givencorrection example information 230A. - The
correction example information 230A may include at least one of “adding” another code line for a source code line in which thedefect information 220A is detected, “replacing” a source code line in which thedefect information 220A is detected with another source code line, and “deleting” a source code line in which thedefect information 220A is detected. - The
notice information 230B refers to various pieces of notice information that may be generated while the user corrects the source code. For example, thenotice information 230B may be useful information while the user corrects the source code, additional problems that may be generated by correcting the source code according to the givencorrection example information 230A, or a modification that the user has to directly correct since the modification cannot be automatically generated by the source code analysis device A. - The analysis
result transmission unit 240 constitutes the synthesized analysis resultinformation 240A with thedefect information 220A, thecorrection example information 230A, and thenotice information 230B that are generated above and transmits the constituted synthesized analysis result information to the analysisresult output module 300. The synthesized analysis resultinformation 240A may be data within a file or a memory, or may include other information. In addition, thecorrection example information 230A and thenotice information 230B may not be provided or may be provided in multiple pieces forsingle defect information 220A according to a defect type. - In the preferred embodiment, the analysis
result output module 300 includes adefect output unit 310 and a correctionexample output unit 320. - The
defect output unit 310 extracts thedefect information 220A from the synthesized analysis resultinformation 240A transmitted from the sourcecode analysis module 200 and displays the extracteddefect information 220A. Generally, as described above, thedefect information 220A may be a file name of the source code in which the defect is actually detected, a defect type and positional information such as a line, a part of the source code that actually has caused the defect, actual defect information such as a flow of the source code where the defect has occurred, etc. - The correction
example output unit 320 extracts thecorrection example information 230A and thenotice information 230B from the synthesized analysis resultinformation 240A transmitted from the sourcecode analysis module 200, and displays the extractedcorrection example information 230A and thenotice information 230B. Generally, the information may be, as described above, a correction example code that shows how to actually correct the source code, and various pieces of notice information that may be generated while the user corrects the source code. According to an embodiment, thedefect output unit 310 and the correctionexample output unit 320 may output information at the same time or may output additional information. - Hereinafter, an implementation example of the source code analysis device according to the embodiment of the present invention is described with reference to respective example screens.
-
FIG. 3 is a source code screen example in which a defect is detected by a checker of a defect detection unit of the source code analysis device according to the embodiment of the present invention. - When a defect is detected, a correction example button is displayed on a right-upper part of the screen.
-
FIG. 4 is an output screen example of synthesized analysis result after clicking a correction example button of the source code analysis device according to the embodiment of the present invention. - Defect information, correction example information, and notice information are respectively displayed on the screen. One or more pieces of correction example information or one or more pieces of notice information may be provided for single defect information.
-
FIG. 5 is an example menu display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention. - A number of the example menus may be varied according to a checker type and the source code. Each of the example menus may be folded or extended by clicking a triangle mark disposed at a left-most part of the example menu.
-
FIG. 6 is a defect information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention. - A defect information menu indicates how to correct the defect detected by the checker.
-
FIG. 7 is a correction example information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention. - The correction example menu shows which part of the source code and how to correct the source code. The example code is provided as similar as possible to an actual code. A Line that is gradated in red on the screen and begins with ‘−’ corresponds to a code to be deleted. A Line that is gradated in green on the screen and begins with ‘+’ corresponds to a code to be added. When lines of codes to be corrected are too far away from each other or are positioned in different files, multiple boxes may be displayed.
-
FIG. 8 is a notice information display example of the output screen of the synthesized analysis result after clicking the correction example button of the source code analysis device according to the embodiment of the present invention. - The notice information shows various situations and cautions that may arise when the source code is corrected. Therefore, a number of pieces of the notice information and contents thereof may vary according to a checker type and the source code.
- The below source code is an example of a correction example XML file of the source code analysis device according to the embodiment of the present invention. Table 1 shows an example of a main tag or variable definitions of the correction example XML file of the below source code. An example of the correction example XML file of the present embodiment may be understood by the below source code and Table 1.
-
<alarm> <sca> <alternative id=“1”> <desc id=“crulechk.CHECKER_NAME.sca.desc.default”> <arg>func</arg> </desc> <code type=“add” src=“/src/somefile.cpp” startline=“1230”> strncpy(dst, src, 10); </code> <code type=“remove” src=“/src/somefile.cpp” startline=“1250” endline=“1251”/> <code type=“replace” src=“/src/somefile.cpp” startline=“1400”>void func(int arg) </code> <note type=“change_function_interface”> <desc id=“crulechk.CHECKER_NAME.sca.note.desc.1”> <arg>func</arg> </desc> <value type=“def_src”>/src/somefile.cpp</value> <value type =“def_line”>1250</value> <value type =“function_name”>func</value> </note> </alternative> <alternative id=“2”> ... </alternative> </sca> </alarm> -
TABLE 1 alarm Represent the top defect element sca SCA top defect element alternative Element covering each one alternative desc Represent description element of alternative (=resource property) arg Represent argument value of alternative description element of alternative. code Represent element of code to be changed note Represent notice element (note)desc Represent description element of notice (=resource property) (note)arg Represent argument value of explanation element of notice value Represent element value to be changed in notice - ‘sca’ or ‘Sca’ is an abbreviation of ‘Smart Code Alternative’, and is named as an example name of a parent element including multiple alternatives included in the correction example XML file of the present embodiment for convenience.
-
FIG. 9 is an XML output class example of a checker implementation class for the source code analysis device according to the embodiment of the present invention, andFIG. 10 is a code generation class example of the checker implementation class for the source code analysis device according to the embodiment of the present invention. -
FIG. 9 briefly shows class examples from the top class. - The top ‘AlarmXMLMaker’ class outputs an alarm with a Sca instance when the Sca instance is present.
- A middle ‘Sca’ class is responsible for generating a ScaAlternative instance, and the present class is used in the checker when generating the alternative.
- The lowest ‘ScaAlternative’ class (alternative information class) includes an explanation, a code, and notice information. Information about adding/replacing/deleting of a code may be obtained by receiving code information generated by ‘CodeGenerator’ class or received from an original source code.
- In
FIG. 10 , ‘CodeGenerator’ class (code generation class) generates a correction example code by using a deduced result, which is obtained by analyzing the source code according to a predetermined template, as an input value. CodeGenerator′ class includes ‘SimpleCodeGenerator’ for adding a line, ‘TypeCodeGenerator’ for generating a type, ‘VariableCodeGenerator’ for generating a variable, and ‘FunctionCodeGenerator’ for generating a function, etc. - Table 2 shows a configuration example of the checker for the source code analysis device according to the embodiment of the present invention, Table 3 shows another configuration example of the checker for the source code analysis device according to the embodiment of the present invention, and Table 4 shows another configuration example of the checker for the source code analysis device according to the embodiment of the present invention.
-
TABLE 2 Example 1 Checker DO_NOT_USE_ADJACENT_BINARY_ OPERATOR Source code [1] strncpy(dst, src, sizeof(dst)— 1); Alternative Description —adding blank between operators. 1 Alternative REPLACE type Alternative [1] strncpy(dst, src, sizeof(dst)— code 1); Notice none - In case of example 1, a checker checks in that binary operators except for a dot (.) operands and forward/backward operators are separated by a space. Inputting spaces in the left and the right parts where a binary operator ‘−’ is used may generate an alternative code (correction example code). In case of the present example, there is no special notice.
-
TABLE 3 Example 2 Checker DO_NOT_USE_SIZEOF_ON_ARRAY_ PARAM Source code [1] void func(char dst[ ], char src[ ]) [2] { [3] strncpy(dst, src, sizeof(dst)— 1); [4] } Alternative Description Changing function interface and 1 using third argument of strncpy as received value Alternative REPLACE type Alternative [1] void func(char dst[ ], code int<<length identifier>>, char src[ ]) Notice [changing function interface] need to correct declaration part of func function and codes using thereof Alternative REPLACE type Alternative [3] strncpy(dst, src, code <<length_identifier>>); Notice none - In case of example 2, a checker checks in that “sizeof” cannot be used for an array type variable that is received as an array type parameter. Alternative codes are generated in lines [1] and [3]. Herein, a function interface changing notice occurs due to a correction of a line [1]. When the function interface is changed, a function declaration and a part using the function may also be corrected. In “strncpy” of line [3], a length value variable added in the
Alternative 1 is put into a start phrase of a third argument. There is no particular notice in the case. -
TABLE 4 Example 3 Checker NONEFFECTIVE_FUNCTION_CALL Source code [1] char * buf= (char *)malloc(sizeof(char) * ((1 * 2) + 1)); [2] memset(buf, (1 * 2) + 1, 0); // Initialize the buffer Alternative Description Replacing third argument of memset 1 with buffer size Alternative REPLACE type Alternative [2] memset(buf, (1 * 2) + 1, code sizeof(char) * ((1 * 2) + 1)); Notice pone Alternative Description Changing second argument of memset 2 and third argument thereof with each. other since second argument thereof is not a constant. Position of the argument may be confused. Condition When second argument of memset is not a single constant. Alternative REPLACE type Alternative [3] memset(buf, 0, (1 * 2) + 1); code Notice none - In case of example 3, a checker checks a function call that has no effect. For example, when a third argument (parameter) value in memset is 0, the corresponding code becomes meaningless. Alternative 1 displays a buffer size of a buffer to be initialized if it is possible to deduce. If not,
Alternative 1 displays the buffer size by using a designated identifier such as <<length>>, etc. Alternative 2 is an alternative that is conditionally generated. When a second argument of memset is not a single constant, there is a possibility that second and third argument values may be used by being switched with each other. Therefore, Alternative 2 suggests switching the second and third argument values with each other. The checker of the example 3 does not include any particular notice. - In one embodiment, the alternative of the respective checkers shown in Tables 2 to 4 may be provided by ‘Sca’ class and ‘ScaAlternative’ class (alternative information class) shown in the above
FIG. 9 . - In another embodiment, the alternative code of the respective checkers shown in Tables 2 to 4 may be provided by ‘CodeGenerator’ class (code generation class) shown in the above
FIG. 10 . - ‘Sca’ class, ‘ScaAlternative’ class (alternative information class), and ‘CodeGenerator’ class (code generation class) may be preset in accordance with content of the defect of each checker.
- Embodiments of the present invention include a program for performing various computer-implemented operations and a computer-readable storage medium on which the program is recorded. The computer-readable storage medium may include stand-alone or a combination of program instructions, data files and data structures. The computer-readable storage medium may be specially designed and configured for the present invention, or may also be known and available to those skilled in the computer software field. Examples of the computer-readable storage medium include a magnetic medium, such as a hard disk, a floppy disk, and a magnetic tape; an optical medium, such as a CD-ROM, a DVD, a USB; a magneto-optical medium such as a floptical disk; and a hardware device configured to store and perform program instructions such as a ROM, a RAM, a flash memory, etc. In addition, the medium may be a transmission medium such as an optical or metallic line or a waveguide, including a carrier for transmitting signals to indicate program instructions, a data structure, etc. Examples of the program instructions include not only machine language codes made by a compiler but also high-level language codes executable by a device for electronically processing information, such as computer, by using an interpreter.
- In one embodiment, the source code analyzing device of the present invention may be implemented in such a manner that a functional operation of a computer is executed by a computer program for executing a source code analysis function and an analysis result output function.
- The source code analysis function is provided by the source code analysis module that is described above, and the analysis result output function is provided by the analysis result output module that is described above.
- The source code analysis function further performs the detailed functions of the source code analysis module, and the analysis result output function further performs the detailed functions of the analysis result output module, thus the whole function of the source code analysis device may be provided.
Claims (7)
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2014-0112583 | 2014-08-27 | ||
KR20140112583 | 2014-08-27 | ||
KR1020140133347A KR101623174B1 (en) | 2014-08-27 | 2014-10-02 | Source code analysis apparatus, Computer program for the same, Recording medium storing computer program for the same |
KR10-2014-0133347 | 2014-10-02 | ||
PCT/KR2015/008937 WO2016032234A1 (en) | 2014-08-27 | 2015-08-26 | Source code analysis device, computer program for same, and recording medium thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
US20170277617A1 true US20170277617A1 (en) | 2017-09-28 |
US10496516B2 US10496516B2 (en) | 2019-12-03 |
Family
ID=55534423
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/505,669 Active 2036-05-12 US10496516B2 (en) | 2014-08-27 | 2015-08-26 | Source code analysis device, computer program for same, and recording medium thereof |
Country Status (4)
Country | Link |
---|---|
US (1) | US10496516B2 (en) |
JP (1) | JP6579340B2 (en) |
KR (1) | KR101623174B1 (en) |
CN (1) | CN106796543A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190080083A1 (en) * | 2016-01-27 | 2019-03-14 | Yuta TAKEDA | Processing system, and processing method and program |
CN110765003A (en) * | 2019-09-24 | 2020-02-07 | 贝壳技术有限公司 | Code detection method, device and equipment, and storage medium |
CN112181428A (en) * | 2020-09-28 | 2021-01-05 | 北京航空航天大学 | Abstract syntax tree-based open-source software defect data classification method and system |
CN112579477A (en) * | 2021-02-26 | 2021-03-30 | 北京北大软件工程股份有限公司 | Defect detection method, device and storage medium |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101850303B1 (en) | 2016-09-13 | 2018-05-31 | 슈어소프트테크주식회사 | Method for correcting violation of source code and computer readable recording medium having program the same |
WO2020097611A1 (en) * | 2018-11-09 | 2020-05-14 | Manhattan Engineering Incorporated | Deployment models |
CN110349477B (en) * | 2019-07-16 | 2022-01-07 | 长沙酷得网络科技有限公司 | Programming error repairing method, system and server based on historical learning behaviors |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4931928A (en) * | 1988-11-09 | 1990-06-05 | Greenfeld Norton R | Apparatus for analyzing source code |
US4989145A (en) * | 1988-09-19 | 1991-01-29 | Hitachi, Ltd. | Syntax analysis and language processing system |
CN101286132A (en) * | 2008-06-02 | 2008-10-15 | 北京邮电大学 | Test method and system based on software defect mode |
US8752009B2 (en) * | 2011-09-20 | 2014-06-10 | Nec Corporation | Source code comparison device, source code comparison method and source code comparison program |
US20170212829A1 (en) * | 2016-01-21 | 2017-07-27 | American Software Safety Reliability Company | Deep Learning Source Code Analyzer and Repairer |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0449432A (en) * | 1990-06-19 | 1992-02-18 | Nec Corp | Syntax error analyzing system |
KR100621063B1 (en) | 1999-07-24 | 2006-09-07 | 삼성전자주식회사 | Interpreter type control program developing method and system |
JP2003006255A (en) * | 2001-06-22 | 2003-01-10 | Fujitsu Ltd | Hdl automatic correction device and hdl automatic correction program and computer readable storage medium recording the program therefor |
KR100501936B1 (en) | 2003-05-07 | 2005-07-18 | 삼성전자주식회사 | System and method for source code checking |
JP2006107338A (en) * | 2004-10-08 | 2006-04-20 | Matsushita Electric Ind Co Ltd | Program processor |
JP5168279B2 (en) | 2007-07-19 | 2013-03-21 | 富士通株式会社 | Application improvement support program, application improvement support method, and application improvement support apparatus |
JP2010097426A (en) * | 2008-10-16 | 2010-04-30 | Autonetworks Technologies Ltd | Computer program, and device and method for receiving input of source program |
CN101499015A (en) * | 2009-03-18 | 2009-08-05 | 北京和利时系统工程有限公司 | Method and converter for converting high level language to other high level languages |
KR20110020520A (en) | 2009-08-24 | 2011-03-03 | 한국전력기술 주식회사 | Software safety analysis method and system integrated with software develpoment |
JP2011129121A (en) | 2009-12-18 | 2011-06-30 | Korea Electronics Telecommun | Apparatus and system for integrally managing static analysis tool |
KR101051600B1 (en) * | 2010-03-29 | 2011-07-22 | 주식회사 소프트 포 소프트 | Systems for performing code inspection on abap source code |
JP2012103923A (en) | 2010-11-10 | 2012-05-31 | Renesas Electronics Corp | Compiler device, compiling method and compiler program |
KR20130097252A (en) | 2012-02-23 | 2013-09-03 | 삼성전자주식회사 | Method and apparatus for analysing application by source code analysis |
-
2014
- 2014-10-02 KR KR1020140133347A patent/KR101623174B1/en active IP Right Grant
-
2015
- 2015-08-26 CN CN201580046317.1A patent/CN106796543A/en active Pending
- 2015-08-26 US US15/505,669 patent/US10496516B2/en active Active
- 2015-08-26 JP JP2017510645A patent/JP6579340B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4989145A (en) * | 1988-09-19 | 1991-01-29 | Hitachi, Ltd. | Syntax analysis and language processing system |
US4931928A (en) * | 1988-11-09 | 1990-06-05 | Greenfeld Norton R | Apparatus for analyzing source code |
CN101286132A (en) * | 2008-06-02 | 2008-10-15 | 北京邮电大学 | Test method and system based on software defect mode |
US8752009B2 (en) * | 2011-09-20 | 2014-06-10 | Nec Corporation | Source code comparison device, source code comparison method and source code comparison program |
US20170212829A1 (en) * | 2016-01-21 | 2017-07-27 | American Software Safety Reliability Company | Deep Learning Source Code Analyzer and Repairer |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190080083A1 (en) * | 2016-01-27 | 2019-03-14 | Yuta TAKEDA | Processing system, and processing method and program |
US10754944B2 (en) * | 2016-01-27 | 2020-08-25 | Yuta TAKEDA | Processing system, and processing method and program |
CN110765003A (en) * | 2019-09-24 | 2020-02-07 | 贝壳技术有限公司 | Code detection method, device and equipment, and storage medium |
CN112181428A (en) * | 2020-09-28 | 2021-01-05 | 北京航空航天大学 | Abstract syntax tree-based open-source software defect data classification method and system |
CN112579477A (en) * | 2021-02-26 | 2021-03-30 | 北京北大软件工程股份有限公司 | Defect detection method, device and storage medium |
Also Published As
Publication number | Publication date |
---|---|
JP2017527034A (en) | 2017-09-14 |
JP6579340B2 (en) | 2019-09-25 |
US10496516B2 (en) | 2019-12-03 |
KR101623174B1 (en) | 2016-05-20 |
KR20160025426A (en) | 2016-03-08 |
CN106796543A (en) | 2017-05-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10496516B2 (en) | Source code analysis device, computer program for same, and recording medium thereof | |
US8799868B2 (en) | Method and apparatus for the performing unit testing of software modules in software systems | |
Stănciulescu et al. | Concepts, operations, and feasibility of a projection-based variation control system | |
US10261884B2 (en) | Method for correcting violation of source code and computer readable recording medium having program performing the same | |
US9785430B2 (en) | Methods, systems and computer-readable media for detecting a partial commit | |
US20140215431A1 (en) | Static analysis of computer software applications having a model-view-controller architecture | |
JP6258159B2 (en) | Program information generation system, method, and program | |
JP2008171318A (en) | Software development tool | |
US11119886B2 (en) | Software analysis apparatus, software analysis method, and computer readable medium | |
US8347223B2 (en) | GUI evaluation system, method, and program for evaluating a text input component | |
US20150178264A1 (en) | Reporting the presence of hardcoded strings on a user interface (ui) | |
US9436664B2 (en) | Performing multiple scope based search and replace within a document | |
CN117076338B (en) | Method and system for dynamically debugging Linux kernel based on kprobe | |
JP2012190203A (en) | Tabular format software specification preparation support method and device | |
US10209965B1 (en) | In-line function synchronization | |
US9117026B1 (en) | Reporting the presence of hardcoded strings on a user interface (UI) | |
JP6790921B2 (en) | Program analyzer, program analysis method and program analysis program | |
KR20160066428A (en) | Method for undoing multiple command | |
JP6097231B2 (en) | Program generating apparatus and method | |
JP6111150B2 (en) | Source code analysis apparatus, source code analysis method, and program | |
US9015658B2 (en) | Automatic program generation device and automatic program generation method | |
US20150199183A1 (en) | Program analysis apparatus and program analysis method | |
TW201541329A (en) | Multilingual display support device and multilingual display support program | |
JP5958655B2 (en) | Test program, test apparatus and test method | |
JP6419357B2 (en) | Source code comparison device and source code comparison program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: FASOO. COM CO., LTD, KOREA, REPUBLIC OF Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HAM, HYUNGKIL;JUNG, YUNGBUM;REEL/FRAME:041776/0809 Effective date: 20170220 |
|
AS | Assignment |
Owner name: SPARROW CO., LTD., KOREA, REPUBLIC OF Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:FASOO. COM CO., LTD;REEL/FRAME:046342/0226 Effective date: 20180709 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2551); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY Year of fee payment: 4 |